Archived

This topic has been archived and is closed to new replies.

Cairo Santos

[Resolved!] virus or malware

Good morning, iMasters folks. First, I want to congratulate you on the forum, which helps many laypeople and even advanced people in the IT field. Well, since I belong to the first group (laypeople), I'm having a small problem, which is this: "failed to set data for “synnglp"". I don't know whether it's a virus or not. I have already used the antivirus, Spyware Terminator and Malwarebytes, but it persists: every time I start the PC, this message appears. Thanks in advance for the help. The HijackThis log follows:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 06:23:32, on 21/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Windows\System32\SynNglp.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Users\Cairo\Documents\Downloads\Programs\HiJackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.pacotesr0x.biz/0xf04.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

R3 - URLSearchHook: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

O3 - Toolbar: Barra de Ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [synNglp] C:\Windows\system32\SynNglp.exe

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (User '?')

O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User '?')

O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')

O4 - S-1-5-21-1295590882-402542252-118978673-1000 Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Fazer o download de conteúdo de vídeo FLV usando o IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll

O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

 

--

End of file - 8623 bytes


Good afternoon...

1.

*Download SCRP (http://download.cnet.com/Single-Click-Restre-Point/3000-2094_4-10806051.html) and save it to the desktop

*Run SCRP, wait and click [OK]

*Delete SCRP

2.

*Run HijackThis, click [Do a system scan only], select the entries below and click [Fix checked]

R3 - URLSearchHook: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

*Close HijackThis

3.

*Download OTL (http://oldtimer.geekstogo.com/OTL.exe) and save it to the desktop

*Run OTL and select the options below:

[] Scan All Users

[] Skip Microsoft Files

[] Use Company Name Whitelist

[] Purity Check

*Under "Extra Registry", select the option

[] SafeList

*Under "Custom Scans/Fixes", paste the code below:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

*Click [Run Scan] and wait for it to finish

*Paste the OTL.txt and Extras.txt reports created on the desktop
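
An added example, not part of the original thread: a small Python parser for the CLSID-bearing HijackThis lines (R3, O2, O3 and similar) that lists the entries whose target is "(no file)", the same three entries selected for fixing in step 2. The sample lines are copied from the log posted above; the function and class names are this example's own.

```python
import re
from collections import defaultdict
from dataclasses import dataclass

# Excerpt copied from the HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Barra de Ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)
O4 - HKLM\..\Run: [synNglp] C:\Windows\system32\SynNglp.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
"""

# "<section> - <kind>: <name> - {CLSID} - <target>"
# Lines without a CLSID (O4 Run keys, O23 services, R0/R1 values) do not match.
ENTRY_RE = re.compile(
    r"^(?P<section>[RO]\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\})"
    r" - (?P<target>.+)$"
)


@dataclass(frozen=True)
class Entry:
    section: str   # e.g. "R3", "O2", "O3"
    kind: str      # e.g. "URLSearchHook", "BHO", "Toolbar"
    name: str      # display name, or "(no name)"
    clsid: str     # lower-cased so the same GUID compares equal across sections
    target: str    # file path, or "(no file)" when the registration is orphaned
    raw: str       # the original log line, as it would be ticked in HijackThis


def parse_entries(log_text):
    """Return an Entry for every CLSID-bearing line in a HijackThis log."""
    entries = []
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if m:
            entries.append(Entry(m["section"], m["kind"], m["name"],
                                 m["clsid"].lower(), m["target"], line))
    return entries


def orphaned(entries):
    """Entries whose registry key survives but whose file is gone."""
    return [e for e in entries if e.target.strip().lower() == "(no file)"]


def sections_by_clsid(entries):
    """Map each CLSID to the log sections it appears in, in log order."""
    seen = defaultdict(list)
    for e in entries:
        seen[e.clsid].append(e.section)
    return dict(seen)


if __name__ == "__main__":
    leftovers = orphaned(parse_entries(SAMPLE_LOG))
    for e in leftovers:
        print(e.raw)
    for clsid, sections in sections_by_clsid(leftovers).items():
        print(clsid, "registered under", ", ".join(sections))
```

Grouping by CLSID shows when one leftover component is registered in more than one place, as with the GUID that appears under both R3 and O3 here, so every copy gets ticked in the same pass.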


Sorry about the previous reply, I pressed the wrong key here. Here are the reports you requested:

OTL logfile created on: 21/08/2010 14:36:55 - Run 1

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Cairo\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 73,14 Gb Total Space | 26,99 Gb Free Space | 36,89% Space Free | Partition Type: NTFS

Drive D: | 75,81 Gb Total Space | 43,05 Gb Free Space | 56,79% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CAIRO-PC

Current User Name: Cairo

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2010/08/21 14:26:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Cairo\Desktop\OTL.exe

PRC - [2010/08/17 10:23:28 | 000,421,376 | ---- | M] () -- C:\Windows\System32\SynNglp.exe

PRC - [2010/08/10 15:10:58 | 002,349,776 | ---- | M] (IObit) -- C:\Arquivos de Programas\IObit\Advanced SystemCare 3\AWC.exe

PRC - [2010/07/25 20:43:41 | 000,014,808 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de Programas\Mozilla Firefox\plugin-container.exe

PRC - [2010/07/25 20:43:40 | 000,910,296 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de Programas\Mozilla Firefox\firefox.exe

PRC - [2010/07/23 02:45:30 | 002,497,488 | ---- | M] (Crawler.com) -- C:\Arquivos de Programas\Crawler\Toolbar\CToolbar.exe

PRC - [2010/06/28 17:57:18 | 002,837,864 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2010/06/28 17:57:15 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/06/17 12:40:16 | 003,037,696 | ---- | M] (Crawler.com) -- C:\Arquivos de Programas\Spyware Terminator\SpywareTerminatorUpdate.exe

PRC - [2010/06/17 12:40:16 | 002,176,512 | ---- | M] (Crawler.com) -- C:\Arquivos de Programas\Spyware Terminator\SpywareTerminatorShield.Exe

PRC - [2010/06/17 12:40:16 | 000,488,960 | ---- | M] (Crawler.com) -- C:\Arquivos de Programas\Spyware Terminator\sp_rsser.exe

PRC - [2010/05/31 13:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) -- C:\Arquivos de Programas\cFosSpeed\spd.exe

PRC - [2010/05/26 10:03:07 | 003,220,912 | ---- | M] (Tonec Inc.) -- C:\Arquivos de Programas\Internet Download Manager\IDMan.exe

PRC - [2010/05/25 10:28:58 | 000,263,600 | ---- | M] (Tonec Inc.) -- C:\Arquivos de Programas\Internet Download Manager\IEMonitor.exe

PRC - [2010/05/07 17:50:06 | 000,719,688 | ---- | M] (TuneUp Software) -- C:\Arquivos de Programas\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

PRC - [2010/05/07 17:48:18 | 001,051,976 | ---- | M] (TuneUp Software) -- C:\Arquivos de Programas\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

PRC - [2010/03/08 23:52:49 | 000,015,872 | ---- | M] () -- C:\Arquivos de Programas\Unlocker\UnlockerAssistant.exe

PRC - [2009/10/31 02:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/07/13 22:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe

PRC - [2009/07/13 22:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/07/13 22:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Sidebar\sidebar.exe

PRC - [2009/07/13 22:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe

PRC - [2009/07/13 22:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Office\Office12\ONENOTEM.EXE

PRC - [2008/10/25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Office\Office12\GrooveMonitor.exe

PRC - [2008/03/20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Arquivos de Programas\CyberLink\PowerDVD8\PDVD8Serv.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2010/08/21 14:26:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Cairo\Desktop\OTL.exe

MOD - [2009/07/13 22:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009/07/13 22:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009/07/13 22:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009/07/13 22:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009/07/13 22:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009/07/13 22:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009/07/13 22:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll

MOD - [2009/07/13 22:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009/07/13 22:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009/07/13 22:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

MOD - [2009/07/13 22:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx

MOD - [2009/07/13 22:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2010/07/14 10:41:22 | 000,435,016 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Arquivos de Programas\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag)

SRV - [2010/06/28 17:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Web Scanner)

SRV - [2010/06/28 17:57:15 | 000,040,384 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Mail Scanner)

SRV - [2010/06/28 17:57:15 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/06/17 12:40:16 | 000,488,960 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)

SRV - [2010/05/31 13:33:48 | 000,314,584 | R--- | M] (cFos Software GmbH) [Auto | Running] -- C:\Program Files\cFosSpeed\spd.exe -- (cFosSpeedS)

SRV - [2010/05/07 17:48:18 | 001,051,976 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2010/05/07 17:45:06 | 000,030,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/08/24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe -- (DfSdkS)

SRV - [2009/07/13 22:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/13 22:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/13 22:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/13 22:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/13 22:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/13 22:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 22:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/13 22:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/13 22:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/13 22:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/13 22:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/13 22:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009/07/13 22:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/13 22:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/07/13 22:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/13 22:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/13 22:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/13 22:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalador do ActiveX (AxInstSV)

SRV - [2009/07/13 22:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/13 22:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2010/06/28 17:39:38 | 000,312,912 | ---- | M] (ALWIL Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2010/06/28 17:37:52 | 000,046,672 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2010/06/28 17:37:30 | 000,165,456 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2010/06/28 17:33:13 | 000,023,376 | ---- | M] (ALWIL Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2010/06/28 17:32:56 | 000,050,256 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2010/06/28 17:32:33 | 000,017,744 | ---- | M] (ALWIL Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/06/17 12:40:16 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)

DRV - [2010/06/16 22:02:31 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)

DRV - [2010/05/31 13:33:56 | 001,079,000 | ---- | M] (cFos Software GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\cfosspeed.sys -- (cFosSpeed)

DRV - [2010/02/25 11:18:08 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Arquivos de Programas\TuneUp Utilities 2010\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2009/12/11 04:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/07/13 22:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/13 22:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/13 22:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/13 22:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/13 22:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/13 22:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/13 22:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/13 22:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/13 22:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/13 22:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/13 22:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/13 22:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/13 22:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/13 22:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/13 22:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/13 22:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/13 22:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/13 22:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/13 22:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/13 22:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/13 22:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/13 22:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/13 22:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/13 22:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/13 22:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/13 22:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/13 22:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/13 22:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009/07/13 22:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/13 22:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009/07/13 22:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/13 22:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/13 22:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/13 22:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/13 22:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/13 22:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/13 22:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/13 22:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/13 22:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/13 22:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/13 22:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/13 21:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/13 21:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009/07/13 21:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/13 20:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/13 20:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/13 20:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/13 20:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/13 20:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009/07/13 20:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/13 20:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2009/07/13 20:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/13 20:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/13 20:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/13 20:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/13 20:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/13 20:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009/07/13 20:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009/07/13 20:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/13 20:19:21 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HidBatt.sys -- (HidBatt)

DRV - [2009/07/13 20:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/13 20:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/13 19:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 19:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/13 19:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/13 19:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/13 19:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/13 19:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/13 19:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)

DRV - [2009/07/13 19:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/13 19:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/13 19:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2009/06/10 18:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/05/13 19:11:34 | 000,006,504 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [2007/12/17 17:14:06 | 000,012,400 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AsIO.sys -- (AsIO)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\URLSearchHook: {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - Reg Error: Key error. File not found

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C0 E8 CC 59 A1 0D CB 01 [binary data]

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\..\URLSearchHook: {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1295590882-402542252-118978673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = http://www.pacotesr0x.biz/0xf04.pac

 

========== FireFox ==========

 

FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8

FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.2.0185

FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.5.3

FF - prefs.js..extensions.enabledItems: {4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3

FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886D}:1.0.7.6

FF - prefs.js..extensions.enabledItems: {b5d39f9d-9d08-4466-8f80-9873ed5124dd}:2.7.1.3

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20

FF - prefs.js..extensions.enabledItems: mozilla_cc@internetdownloadmanager.com:6.9.8

FF - prefs.js..extensions.enabledItems: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}:1.0.125.1

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21

FF - prefs.js..network.proxy.autoconfig_url: "http://www.pacotesr0x.biz/0xf04.pac"

FF - prefs.js..network.proxy.socks_port: 80

FF - prefs.js..network.proxy.type: 2

 

 

FF - HKLM\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2010/06/17 12:40:37 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/07/25 20:43:42 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.8\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/08/02 07:50:22 | 000,000,000 | ---D | M]

 

[2010/06/16 19:52:19 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\mozilla\Extensions

[2010/08/21 14:19:45 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions

[2010/08/01 21:21:39 | 000,000,000 | ---D | M] (Qualys BrowserCheck) -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}

[2010/07/13 10:47:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}

[2010/07/13 10:48:25 | 000,000,000 | ---D | M] (Softonic.com.br FF Toolbar) -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\{b5d39f9d-9d08-4466-8f80-9873ed5124dd}

[2010/07/27 06:51:05 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2010/07/13 10:48:25 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}

[2010/07/13 10:48:21 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\DTToolbar@toolbarnet.com

[2010/07/13 10:48:24 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\mozilla\Firefox\Profiles\knie56m0.default\extensions\personas@christopher.beard

[2010/06/08 11:36:24 | 000,000,939 | ---- | M] () -- C:\Users\Cairo\AppData\Roaming\Mozilla\FireFox\Profiles\knie56m0.default\searchplugins\conduit.xml

[2010/06/16 22:02:51 | 000,002,059 | ---- | M] () -- C:\Users\Cairo\AppData\Roaming\Mozilla\FireFox\Profiles\knie56m0.default\searchplugins\daemon-search.xml

[2010/08/16 10:07:56 | 000,000,000 | ---D | M] -- C:\Arquivos de Programas\Mozilla Firefox\extensions

[2010/07/12 09:59:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

[2010/08/16 10:07:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

[2010/07/17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de Programas\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/06/26 18:54:01 | 000,075,208 | ---- | M] (Foxit Software Company) -- C:\Arquivos de Programas\Mozilla Firefox\plugins\npFoxitReaderPlugin.dll

[2010/07/02 10:34:09 | 000,001,027 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\buscape.xml

[2009/09/21 12:24:16 | 000,001,329 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\crawlersrch.xml

[2010/07/02 10:34:09 | 000,001,212 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/07/02 10:34:09 | 000,001,168 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/07/02 10:34:09 | 000,000,952 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

 

O1 HOSTS File: ([2010/06/17 02:17:25 | 000,000,921 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 genuine.microsoft.com

O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com

O1 - Hosts: 127.0.0.1 sls.microsoft.com

O2 - BHO: (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Arquivos de Programas\Internet Download Manager\IDMIECC.dll (Tonec Inc.)

O2 - BHO: () - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O3 - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Barra de Ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKLM\..\Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - No CLSID value found.

O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Barra de Ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Barra de Ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O3 - HKU\S-1-5-21-1295590882-402542252-118978673-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.

O3 - HKU\S-1-5-21-1295590882-402542252-118978673-1000\..\Toolbar\WebBrowser: (Barra de Ferramentas &Crawler) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NeroFilterCheck] C:\Arquivos de Programas\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)

O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()

O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)

O4 - HKLM..\Run: [spywareTerminator] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)

O4 - HKLM..\Run: [synNglp] C:\Windows\System32\SynNglp.exe ()

O4 - HKLM..\Run: [unlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()

O4 - HKU\.DEFAULT..\Run: [spywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)

O4 - HKU\S-1-5-18..\Run: [spywareTerminatorUpdate] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)

O4 - HKU\S-1-5-21-1295590882-402542252-118978673-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)

O4 - HKU\S-1-5-21-1295590882-402542252-118978673-1000..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

O4 - HKU\S-1-5-21-1295590882-402542252-118978673-1000..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe (IGN Entertainment)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - Startup: C:\Users\Cairo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de Programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKU\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: Fazer o download de conteúdo de vídeo FLV usando o IDM - C:\Arquivos de Programas\Internet Download Manager\IEGetVL.htm ()

O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Arquivos de Programas\Internet Download Manager\IEGetAll.htm ()

O8 - Extra context menu item: Fazer o download usando o IDM - C:\Arquivos de Programas\Internet Download Manager\IEExt.htm ()

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.254.254

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Arquivos de Programas\Crawler\Toolbar\ctbr.dll (Crawler.com)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{2e41bc6c-79ac-11df-99dc-00248c8125c3}\Shell - "" = AutoRun

O33 - MountPoints2\{2e41bc6c-79ac-11df-99dc-00248c8125c3}\Shell\AutoRun\command - "" = F:\autorun.exe -- File not found

O33 - MountPoints2\{2e41bc6c-79ac-11df-99dc-00248c8125c3}\Shell\directx\command - "" = DirectX9\dxsetup.exe

O33 - MountPoints2\{2e41bc6c-79ac-11df-99dc-00248c8125c3}\Shell\setup\command - "" = F:\setup.exe -- File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - File not found

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)

NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)

NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)

 

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

MsConfig - StartUpReg: uTorrent - hkey= - key= - C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

MsConfig - State: "startup" - 2

 

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootMin: Primary disk - Driver Group

SafeBootMin: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: Dhcp - C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: ndiscap - C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Power - C:\Windows\System32\umpo.dll (Microsoft Corporation)

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: RpcEptMapper - C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {49C187D7-91E1-459E-9759-2925384BD397} - .NET Framework

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3fhg - C:\Windows\System32\mp3fhg.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)

Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010/08/21 14:26:24 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Cairo\Desktop\OTL.exe

[2010/08/20 08:09:21 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\Malwarebytes

[2010/08/20 07:30:13 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2010/08/20 07:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2010/08/20 07:30:10 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2010/08/20 07:30:09 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware

[2010/08/16 01:39:29 | 000,000,000 | ---D | C] -- C:\LineageII

[2010/08/15 21:45:29 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\System32\npptNT2.sys

[2010/08/15 21:32:42 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\NCsoft

[2010/08/15 07:09:48 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\IGN_DLM

[2010/08/15 07:08:03 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Download Manager

[2010/08/06 08:58:10 | 000,017,744 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010/08/06 08:58:09 | 000,165,456 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010/08/06 08:58:07 | 000,312,912 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswSnx.sys

[2010/08/06 08:58:07 | 000,023,376 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010/08/06 08:58:04 | 000,046,672 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010/08/06 08:58:01 | 000,050,256 | ---- | C] (ALWIL Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010/08/06 08:57:38 | 000,038,848 | ---- | C] (ALWIL Software) -- C:\Windows\avastSS.scr

[2010/08/06 08:57:37 | 000,165,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010/08/06 08:05:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software

[2010/08/06 07:21:10 | 000,028,160 | ---- | C] (mst software GmbH, Germany) -- C:\Windows\System32\DfSdkBt.exe

[2010/08/04 11:25:13 | 000,000,000 | ---D | C] -- C:\Windows\element

[2010/08/01 21:26:51 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS

[2010/08/01 21:22:18 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\Qualys

[2010/07/31 15:17:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Age of Empires 3

[2010/07/29 13:35:37 | 000,000,000 | ---D | C] -- C:\Users\Cairo\Office Genuine Advantage

[2010/07/26 07:07:54 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\skypePM

[2010/07/26 07:05:24 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\Skype

[2010/07/26 07:02:08 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Skype

[2010/07/26 07:02:07 | 000,000,000 | R--D | C] -- C:\Arquivos de Programas\Skype

[2010/07/26 07:02:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2010/07/25 11:24:55 | 000,000,000 | ---D | C] -- C:\Users\Cairo\AppData\Roaming\teamspeak2

[2010/07/25 11:24:28 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Teamspeak2_RC2

[2010/06/22 13:45:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Cairo\AppData\Roaming\pcouffin.sys

 

========== Files - Modified Within 30 Days ==========

 

[2010/08/21 14:38:56 | 003,932,160 | -HS- | M] () -- C:\Users\Cairo\ntuser.dat

[2010/08/21 14:26:26 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Cairo\Desktop\OTL.exe

[2010/08/21 14:14:46 | 000,021,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2010/08/21 14:14:46 | 000,021,040 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2010/08/21 06:40:52 | 000,001,519 | ---- | M] () -- C:\Users\Cairo\Desktop\HiJackThis - Atalho.lnk

[2010/08/21 06:18:42 | 001,517,030 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/08/21 06:18:42 | 000,659,830 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2010/08/21 06:18:42 | 000,612,034 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2010/08/21 06:18:42 | 000,124,120 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2010/08/21 06:18:42 | 000,102,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2010/08/21 06:14:58 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\AWC AutoSweep.job

[2010/08/21 06:14:44 | 000,000,370 | ---- | M] () -- C:\Windows\tasks\AWC Startup.job

[2010/08/21 06:14:41 | 000,000,298 | -HS- | M] () -- C:\Windows\tasks\qeogbeol.job

[2010/08/21 06:14:39 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2010/08/21 06:14:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2010/08/21 06:14:14 | 1610,051,584 | -HS- | M] () -- C:\hiberfil.sys

[2010/08/20 18:16:09 | 001,137,695 | -H-- | M] () -- C:\Users\Cairo\AppData\Local\IconCache.db

[2010/08/20 10:16:04 | 000,001,057 | ---- | M] () -- C:\Users\Cairo\AppData\Roaming\vso_ts_preview.xml

[2010/08/20 07:30:16 | 000,000,997 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/08/19 20:11:15 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\AWC Update.job

[2010/08/17 10:23:28 | 000,421,376 | ---- | M] () -- C:\Windows\System32\SynNglp.exe

[2010/08/17 09:09:24 | 000,001,183 | ---- | M] () -- C:\Users\Cairo\Desktop\Jogar WoK.lnk

[2010/08/15 07:08:04 | 000,000,998 | ---- | M] () -- C:\Users\Public\Desktop\Download Manager.lnk

[2010/08/12 07:56:51 | 000,000,965 | ---- | M] () -- C:\Users\Cairo\Desktop\CCleaner.lnk

[2010/08/12 07:42:43 | 000,410,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/08/09 14:06:07 | 000,013,824 | ---- | M] () -- C:\Users\Cairo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/08/06 08:58:11 | 000,002,005 | ---- | M] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk

[2010/08/06 08:58:01 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2010/08/06 07:21:12 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\Otimizador Um-Clique.lnk

[2010/08/06 07:21:11 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 7.lnk

[2010/08/06 07:05:21 | 000,003,258 | ---- | M] () -- C:\Users\Cairo\AppData\Roaming\Cerulean.lic

[2010/08/05 17:17:07 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/08/05 11:47:48 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC

[2010/08/02 07:59:48 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat

[2010/08/02 07:50:49 | 000,000,159 | ---- | M] () -- C:\Windows\System32\drivers\etc\pfdnnt.act

[2010/07/31 17:26:01 | 000,001,402 | ---- | M] () -- C:\Users\Cairo\Desktop\frd - Atalho.lnk

[2010/07/31 13:52:38 | 000,000,556 | ---- | M] () -- C:\Users\Cairo\Desktop\Age of Empires III.lnk

[2010/07/26 07:02:08 | 000,002,535 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2010/07/25 11:24:33 | 000,000,954 | ---- | M] () -- C:\Users\Cairo\Desktop\Teamspeak 2 RC2.lnk

 

========== Files Created - No Company Name ==========

 

[2010/08/21 06:40:52 | 000,001,519 | ---- | C] () -- C:\Users\Cairo\Desktop\HiJackThis - Atalho.lnk

[2010/08/20 07:30:16 | 000,000,997 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2010/08/19 01:28:54 | 000,000,388 | ---- | C] () -- C:\Windows\tasks\AWC Update.job

[2010/08/19 01:28:53 | 000,000,376 | ---- | C] () -- C:\Windows\tasks\AWC AutoSweep.job

[2010/08/17 10:22:02 | 000,421,376 | ---- | C] () -- C:\Windows\System32\SynNglp.exe

[2010/08/17 09:09:06 | 000,001,183 | ---- | C] () -- C:\Users\Cairo\Desktop\Jogar WoK.lnk

[2010/08/15 21:45:28 | 000,005,174 | ---- | C] () -- C:\Windows\System32\nppt9x.vxd

[2010/08/15 07:08:04 | 000,000,998 | ---- | C] () -- C:\Users\Public\Desktop\Download Manager.lnk

[2010/08/06 08:58:11 | 000,002,005 | ---- | C] () -- C:\Users\Public\Desktop\avast! Pro Antivirus.lnk

[2010/08/05 17:17:07 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

[2010/08/04 08:18:56 | 000,003,258 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\Cerulean.lic

[2010/08/02 07:59:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2010/07/31 17:26:01 | 000,001,402 | ---- | C] () -- C:\Users\Cairo\Desktop\frd - Atalho.lnk

[2010/07/31 13:52:38 | 000,000,556 | ---- | C] () -- C:\Users\Cairo\Desktop\Age of Empires III.lnk

[2010/07/26 07:02:08 | 000,002,535 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2010/07/26 06:48:29 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo WinOptimizer 7.lnk

[2010/07/25 11:24:33 | 000,000,954 | ---- | C] () -- C:\Users\Cairo\Desktop\Teamspeak 2 RC2.lnk

[2010/07/12 10:04:26 | 000,024,576 | ---- | C] () -- C:\Windows\System32\AsIO.dll

[2010/07/12 10:04:26 | 000,012,400 | ---- | C] () -- C:\Windows\System32\drivers\AsIO.sys

[2010/07/12 10:04:18 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys

[2010/07/12 10:04:17 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys

[2010/07/12 10:03:51 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2010/07/12 10:03:42 | 000,006,504 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2010/07/11 09:37:25 | 000,000,045 | ---- | C] () -- C:\Windows\System32\_WDYSZYG.sys

[2010/07/08 10:50:10 | 000,013,824 | ---- | C] () -- C:\Users\Cairo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2010/07/08 10:23:17 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2010/07/08 10:23:12 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2010/07/08 10:23:12 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2010/07/08 10:23:11 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2010/07/08 10:23:11 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest

[2010/06/22 13:46:39 | 000,001,057 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\vso_ts_preview.xml

[2010/06/22 13:45:49 | 000,000,034 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\pcouffin.log

[2010/06/22 13:45:17 | 000,087,608 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\inst.exe

[2010/06/22 13:45:17 | 000,007,887 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\pcouffin.cat

[2010/06/22 13:45:17 | 000,001,144 | ---- | C] () -- C:\Users\Cairo\AppData\Roaming\pcouffin.inf

[2010/06/17 12:40:16 | 000,142,592 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys

[2010/06/17 02:21:15 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2010/06/16 22:02:31 | 000,691,696 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/07/13 20:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 20:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/07/13 20:36:08 | 000,193,024 | ---- | C] () -- C:\Windows\System32\sppcomapi.dll

 

========== Purity Check ==========

 

 

 

========== Custom Scans ==========

 

 

< %ALLUSERSPROFILE%\Application Data\*. >

 

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

 

< %APPDATA%\*. >

[2010/06/16 19:37:43 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Adobe

[2010/07/10 21:36:30 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Ahead

[2010/06/17 02:56:21 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\CyberLink

[2010/06/28 17:32:14 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\DAEMON Tools Lite

[2010/07/13 10:48:16 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Desktopicon

[2010/08/21 06:15:23 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\DMCache

[2010/07/13 10:48:16 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Foxit

[2010/06/17 02:13:31 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Identities

[2010/08/21 06:22:47 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\IDM

[2010/08/15 15:37:49 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\IGN_DLM

[2010/07/13 10:48:17 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\IObit

[2010/06/16 19:37:43 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Macromedia

[2010/08/20 08:09:21 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Malwarebytes

[2009/07/14 04:48:45 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Media Center Programs

[2010/08/19 07:44:28 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Media Player Classic

[2010/07/13 10:48:18 | 000,000,000 | --SD | M] -- C:\Users\Cairo\AppData\Roaming\Microsoft

[2010/07/13 10:47:31 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Mozilla

[2010/08/01 21:22:18 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Qualys

[2010/07/10 11:25:23 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Real

[2010/08/03 15:03:57 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Skype

[2010/08/03 14:04:34 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\skypePM

[2010/06/23 14:47:25 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Sony

[2010/07/13 10:48:25 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Spyware Terminator

[2010/08/15 13:29:44 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\teamspeak2

[2010/07/13 10:47:37 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\TuneUp Software

[2010/07/16 09:02:32 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Uniblue

[2010/08/09 20:36:16 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\uTorrent

[2010/06/16 19:41:02 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\VitySoft

[2010/08/20 10:16:06 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\Vso

[2010/06/16 19:58:14 | 000,000,000 | ---D | M] -- C:\Users\Cairo\AppData\Roaming\WinRAR

 

< %APPDATA%\*.exe /s >

[2010/06/22 13:45:17 | 000,087,608 | ---- | M] () -- C:\Users\Cairo\AppData\Roaming\inst.exe

 

< %SYSTEMDRIVE%\*.exe >

 

< %systemroot%\*. /mp /s >

 

< %systemroot%\system32\*.dll /lockedfiles >

[2009/07/13 22:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtmsft.dll

[2009/07/13 22:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\dxtrans.dll

[2009/07/13 22:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\LocationApi.dll

[2009/07/13 22:16:15 | 000,193,024 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\sppcomapi.dll

 

< %systemroot%\Tasks\*.job /lockedfiles >

[2010/08/21 06:14:41 | 000,000,298 | -HS- | M] () Unable to obtain MD5 -- C:\Windows\Tasks\qeogbeol.job

 

< %systemroot%\system32\drivers\*.sys /lockedfiles >

[2010/06/16 22:02:31 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys

< End of report >

And the second report:

 

OTL Extras logfile created on: 21/08/2010 14:36:55 - Run 1

OTL by OldTimer - Version 3.2.10.0 Folder = C:\Users\Cairo\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 60,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 71,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 73,14 Gb Total Space | 26,99 Gb Free Space | 36,89% Space Free | Partition Type: NTFS

Drive D: | 75,81 Gb Total Space | 43,05 Gb Free Space | 56,79% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: CAIRO-PC

Current User Name: Cairo

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: On

Skip Microsoft Files: On

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1295590882-402542252-118978673-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htafile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~4\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0D30C477-9454-4F7F-8278-487743A8DDAB}" = Sony Ericsson Media Manager 1.1

"{116216AB-82DA-460C-9D16-4A2A9D2187E2}" = TuneUp Utilities Language Pack (pt-BR)

"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{21040472-F8DF-48A9-A093-2986C1495670}" = Lineage II

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java 6 Update 21

"{283FFB23-8751-4B08-ACB8-5E0F8BCF7727}" = Pro Evolution Soccer 2010

"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime

"{293C9DF5-7669-4826-BBB2-E1F182D71046}" = Nero 7 Ultra Edition

"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8

"{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted

"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0

"{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger

"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner

"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2

"{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}" = TuneUp Utilities

"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.0.12.327

"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials

"{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Advanced SystemCare 3_is1" = Advanced SystemCare 3

"Ares" = Ares 2.1.5

"Ashampoo WinOptimizer 2010 Advanced_is1" = Ashampoo WinOptimizer 2010 Advanced

"Ashampoo WinOptimizer 7_is1" = Ashampoo WinOptimizer 7.11

"avast5" = avast! Pro Antivirus

"CCleaner" = CCleaner

"cFosSpeed" = cFosSpeed v5.12

"CToolbar_UNINSTALL" = Crawler Toolbar with Web Security Guard

"Download Manager" = Download Manager 2.3.10

"DVD Decrypter" = DVD Decrypter (Remove Only)

"DVD Shrink_is1" = DVD Shrink 3.2

"ENTERPRISE" = Microsoft Office Enterprise 2007

"Foxit Reader" = Foxit Reader

"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8

"InstallShield_{FABB02D6-A7FD-4845-A6FA-60C565516712}" = Age of Empires III

"Internet Download Manager" = Internet Download Manager

"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.1.0

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Mozilla Firefox (3.6.8)" = Mozilla Firefox (3.6.8)

"Patch WoK 8.5 - World of Killers" = Patch WoK 8.5 - World of Killers

"Picasa 3" = Picasa 3

"Spyware Terminator_is1" = Spyware Terminator

"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2

"TuneUp Utilities" = TuneUp Utilities

"Unlocker" = Unlocker 1.8.9

"uTorrent" = µTorrent

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Compressor WinRAR

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 18/08/2010 06:45:02 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 18/08/2010 23:14:45 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 18/08/2010 23:24:44 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 19/08/2010 06:42:42 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 20/08/2010 06:12:32 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 20/08/2010 06:17:18 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 20/08/2010 07:50:09 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 20/08/2010 23:07:38 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

Error - 21/08/2010 01:27:59 | Computer Name = Cairo-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: L2.exe, versão: 0.0.0.0, carimbo de

hora: 0x4a0bafce Nome do módulo de falhas: D3DDrv.DLL, versão: 0.0.0.0, carimbo de

hora: 0x4a4d7680 Código de exceção: 0xc0000005 Deslocamento com falha: 0x000ce664

Identificação

do processo com falha: 0x14e4 Hora de início do aplicativo com falha: 0x01cb40ee6a1ee1d0

Caminho

do aplicativo com falha: C:\Program Files\NCsoft\Lineage II\WoK\L2.exe FCaminho

do módulo de falhas: C:\Program Files\NCsoft\Lineage II\WoK\D3DDrv.DLL Identificação

do Relatório: dc0905c0-ace4-11df-a3bb-00248c8125c3

 

Error - 21/08/2010 05:14:44 | Computer Name = Cairo-PC | Source = Winlogon | ID = 4103

Description = Falha de ativação da licença do Windows. Erro 0x80070005.

 

[ Media Center Events ]

Error - 28/07/2010 17:28:29 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 18:28:29 - Erro ao estabelecer conexão com a Internet. 18:28:29 -

Não foi possível contatar o servidor..

 

Error - 28/07/2010 17:28:59 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 18:28:34 - Erro ao estabelecer conexão com a Internet. 18:28:34 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 14:02:51 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 15:02:51 - Erro ao estabelecer conexão com a Internet. 15:02:51 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 14:03:00 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 15:02:56 - Erro ao estabelecer conexão com a Internet. 15:02:56 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 15:04:03 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 16:04:03 - Erro ao estabelecer conexão com a Internet. 16:04:03 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 15:04:27 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 16:04:20 - Erro ao estabelecer conexão com a Internet. 16:04:20 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 16:04:45 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 17:04:45 - Erro ao estabelecer conexão com a Internet. 17:04:45 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 16:04:56 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 17:04:50 - Erro ao estabelecer conexão com a Internet. 17:04:50 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 17:07:46 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 18:07:46 - Erro ao estabelecer conexão com a Internet. 18:07:46 -

Não foi possível contatar o servidor..

 

Error - 30/07/2010 17:07:54 | Computer Name = Cairo-PC | Source = MCUpdate | ID = 0

Description = 18:07:51 - Erro ao estabelecer conexão com a Internet. 18:07:51 -

Não foi possível contatar o servidor..

 

[ System Events ]

Error - 21/08/2010 05:14:29 | Computer Name = Cairo-PC | Source = volmgr | ID = 262190

Description = Falha na inicialização do despejo de memória!

 

Error - 21/08/2010 05:17:46 | Computer Name = Cairo-PC | Source = DCOM | ID = 10001

Description =

 

Error - 21/08/2010 05:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 06:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 07:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 08:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 09:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 10:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 11:44:41 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

Error - 21/08/2010 12:44:42 | Computer Name = Cairo-PC | Source = Service Control Manager | ID = 7023

Description = O serviço Serviço de Notificação da SPP terminou com o erro: %%5

 

 

< End of report >


*Run OTL

*Under "Custom Scans/Fixes", paste the code below:

 

:Processes

explorer.exe

 

:Files

C:\Windows\System32\SynNglp.exe

 

:OTL

PRC - [2010/08/17 10:23:28 | 000,421,376 | ---- | M] () -- C:\Windows\System32\SynNglp.exe

O4 - HKLM..\Run: [synNglp] C:\Windows\System32\SynNglp.exe

 

:Commands

[start explorer]

[Reboot]

*Click [Fix]

*The PC will restart

*Paste the report created at C:\_OTL\MovedFiles\MDA_HMS.log, where MDA is month/day/year and HMS is hours/minutes/seconds


========== PROCESSES ==========

Process explorer.exe killed successfully!

========== FILES ==========

C:\Windows\System32\SynNglp.exe moved successfully.

========== OTL ==========

Process SynNglp.exe killed successfully!

Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SynNglp deleted successfully.

File C:\Windows\System32\SynNglp.exe not found.

========== COMMANDS ==========

 

OTL by OldTimer - Version 3.2.10.0 log created on 08212010_203913

 

Files\Folders moved on Reboot...

 

Registry entries deleted on Reboot...

 

Here is the requested report. One question, wings: can I delete the C:\OTL folder, where synnglp is located, or not?


Here is the requested report. One question, wings: can I delete the C:\OTL folder, where synnglp is located, or not?

 

Easy... don't worry...

 

We'll leave the PC without a trace... OK?

 

Please... a new hijack log


New hijackthis log:

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 13:04:44, on 22/08/2010

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesApp32.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\Program Files\Spyware Terminator\SpywareTerminatorShield.Exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Users\Cairo\Downloads\Desktops.exe

C:\Windows\Explorer.exe

C:\Windows\system32\ctfmon.exe

C:\Program Files\Teamspeak2_RC2\TeamSpeak.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\PROGRA~1\Crawler\Toolbar\CToolbar.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\Cairo\Documents\Downloads\Programs\HiJackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.pacotesr0x.biz/0xf04.pac

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

O3 - Toolbar: Barra de Ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [RemoteControl8] "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

O4 - HKLM\..\Run: [PDVD8LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"

O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"

O4 - HKLM\..\Run: [spywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User '?')

O4 - HKUS\S-1-5-21-1295590882-402542252-118978673-1000\..\Run: [igndlm.exe] C:\Program Files\Download Manager\DLM.exe /windowsstart /startifwork (User '?')

O4 - HKUS\S-1-5-18\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User '?')

O4 - HKUS\.DEFAULT\..\Run: [spywareTerminatorUpdate] "C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe" (User 'Default user')

O4 - S-1-5-21-1295590882-402542252-118978673-1000 Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User '?')

O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Crawler Search - tbr:iemenu

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Fazer o download de conteúdo de vídeo FLV usando o IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Fazer o download de todos os links usando o IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Fazer o download usando o IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll

O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe

O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 7\Dfsdks.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

O23 - Service: @C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpDefragService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2010\TuneUpUtilitiesService32.exe

 

--

End of file - 8588 bytes


1.

*Run hijack, click [Do a system scan only], select the entries below and click [Fix checked]

 

O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)

O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)

*Close hijack

 

2.

*Run OTL, click [CleanUp] > [OK]

*The PC will restart

 

The PC is clean. :)

 

Best regards.

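The log triage behind the HijackThis step above, as an added example that is not part of the original thread: a small Python parser that lists the O2/O3 entries whose target is reported as "(no file)" (the two toolbars selected for fixing) and also collects any non-empty AutoConfigURL value, since a proxy auto-config script decides which proxy the browser uses and is worth reviewing whenever it is set. The sample lines are copied from the log posted above; the function names are hypothetical.

```python
import re

# Entry lines copied from the second HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://www.pacotesr0x.biz/0xf04.pac
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O3 - Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - (no file)
O3 - Toolbar: Barra de Ferramentas &Crawler - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: (no name) - {b5d39f9d-9d08-4466-8f80-9873ed5124dd} - (no file)
O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
"""

ENTRY = re.compile(r"^(?P<code>[RO]\d{1,2}) - (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")


def parse(log):
    """Yield (code, body) for each HijackThis entry line; skip headers and blanks."""
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            yield m["code"], m["body"].strip()


def orphaned(log):
    """(code, CLSID) of O2/O3 entries whose DLL is reported as '(no file)'."""
    out = []
    for code, body in parse(log):
        if code in ("O2", "O3") and body.endswith("(no file)"):
            clsid = CLSID.search(body)
            out.append((code, clsid.group(0) if clsid else None))
    return out


def proxy_autoconfig(log):
    """Non-empty AutoConfigURL values found in R1 entries."""
    urls = []
    for code, body in parse(log):
        key, _, value = body.partition(" = ")
        if code == "R1" and key.endswith(",AutoConfigURL") and value.strip():
            urls.append(value.strip())
    return urls


if __name__ == "__main__":
    print("Orphaned BHO/toolbar entries:", orphaned(SAMPLE_LOG))
    print("Proxy auto-config URLs to review:", proxy_autoconfig(SAMPLE_LOG))
```
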

PROBLEM SOLVED!

 

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
